The internal IP address of a Kubernetes single node has changed and now kubelet isn’t starting correctly anymore.
Therefore I’ve started changing the configuration of the follwoing files:
/.kube/config /etc/kubernetes/*.conf
I’ve added the new ip address to these files. After this step, I got the error saying that the X509 certificate is not valid for the new ip.
In order to solve this issue, I’ve done the following steps:
- Stop kubelet and delete all old cert files from /etc/kubernetes/pki and /etc/kubernetes/pki/etcd
- kubeadm init phase certs adminserver —adminserver-advertise-address —adminserver-cert-extra-sans
- kubeadm init phase certs adminserver-kubelet-client
- kubeadm init phase certs front-proxy-ca
- kubeadm init phase certs front-proxy-client
- kubeadm init phase certs apiserver-etcd-client
- kubeadm init phase certs etcd-ca
- kubeadm init phase certs etcd-healthcheck-client
- kubeadm init phase certs etcd-peer
- kubeadm init phase certs etcd-server
- kubeadm init phase kubeconfig all —apiserver-advertise-address
- kubeadm init phase certs renew all
- copied /etc/kubernetes/admin.conf to ~/.kube and renamed it to config
- kubeadm init phase kubelet-start
The problem is that I still get an error saying that the connection to the new IP was refused. I belive it’s due to a wrong certificate, but the apiserver.crt file seems correct if I compare it to the original certificate.
I tried the same approape on a machine which is running locally and I got kubelet to start correctly and kubectl to work again. Can anyone point me to what I’m doing wrong?
Thank you
